Complete Story


Flash Gets in One More Security Fail Before Retirement

The vulnerability was discovered by several security firms

Adobe has issued a security update for Flash Player today to patch a zero-day vulnerability exploited by attackers in the wild.

The vulnerability was discovered and independently reported by several security firms —ICEBRG, Tencent, and two security divisions from Chinese cyber-security giant Qihoo 360.

The vulnerability, tracked as CVE-2018-5002, impacts Adobe Flash Player and earlier versions. It was fixed with the release of Flash Player Experts say the hackers used Office files to exploit this Flash zero-day. Attackers would deliver Office files to victims that would load a malicious SWF file from a remote server and execute it inside the Office document.

Please select this link to read the complete article from Bleeping Computer.

Printer-Friendly Version